CyberLock, Lucky_Gh0$t, Numero – The AI-Inspired Malware You Must Avoid скачать в хорошем качестве

CyberLock, Lucky_Gh0$t, Numero – The AI-Inspired Malware You Must Avoid

Cybercriminals are weaponizing the global demand for AI tools by disguising ransomware and destructive malware as legitimate AI software. Three active malware campaigns—CyberLock, Lucky_Gh0$t, and Numero—are currently exploiting fake AI platforms to deceive users and cause widespread damage. 🔹 CyberLock Ransomware Distributed through a malicious website, novaleadsai[.]com, which impersonates the legitimate NovaLeads.app platform. Victims are lured in with a fake 12-month free AI subscription offer. Downloading the installer triggers a .NET-based loader that deploys a PowerShell ransomware module. CyberLock encrypts all disk partitions, renames files with a .cyberlock extension, and uses cipher.exe /w to securely erase traces of deleted files. The malware establishes persistence via Windows Management Instrumentation (WMI) and demands a $50,000 ransom in Monero, citing false humanitarian motives. 🔹 Lucky_Gh0$t Ransomware Poses as a “ChatGPT 4.0 Premium” installer but is actually a Yashma/Chaos ransomware variant. The fake installer is a self-extracting archive containing real Microsoft AI libraries to evade detection. It encrypts files under 1.2GB and appends random extensions. Files over 1.2GB are permanently corrupted with garbage data. The ransom demand is $220 in Bitcoin, and communication is directed through the Session messenger app. Future variants are expected to switch to Monero for payment anonymity. 🔹 Numero Malware Disguised as an installer for InVideo AI, this destructive tool doesn’t encrypt files but renders systems inoperable. It drops and runs a wintitle.exe process in a continuous loop, replacing all window titles and interface text with “1234567890.” There's no ransom demand, no recovery option, and the only fix is a full OS reinstall. These campaigns highlight how attackers are evolving—leveraging social engineering, fake branding, and advanced evasion techniques to spread malware under the guise of AI innovation. Stay vigilant: ⚠️ Only download AI tools from official sources ⚠️ Monitor PowerShell activity ⚠️ Flag or block Monero transactions on financial systems #CyberSecurity #Ransomware #AIThreats #CyberLock #LuckyGh0st #NumeroMalware #FakeAI #ChatGPTMalware #PowerShell #Monero #SocialEngineering #Infosec #MalwareAlert #CyberCrime FIND US AT https://dailysecurityreview.com/ FOLLOW US ON SOCIAL Get updates or reach out to Get updates on our Social Media Profiles! Twitter:   / securitydailyr   Facebook: https://www.facebook.com/profile.php?... LinkedIn:   / security-daily-review